Setting up antivirus (ClamAV)

Hi,

I fixed this today.
Here is how you set up ClamAV mailscanning on Ubuntu 14.04 LTS (and test it).

The simplest way to add it is by installing and configuring clamsmtp; it’s very lightweight and fast.
You can find it here if you want to know more: http://thewalter.net/stef/software/clamsmtp/

Anyways, here we go, open up a root shell and type:

apt-get update
apt-get upgrade
apt-get install clamav clamav-freshclam clamsmtp
adduser clamsmtp clamav

This will get the latest packages/updates, install the necessary dependencies and add clamsmtp to the clamav group.

Now open up /etc/clamsmtpd.conf

vi /etc/clamsmtpd.conf

Now make sure you have the following two lines defined as below (you probably will have to change the ports).

OutAddress: 20025
Listen: 127.0.0.1:20026
Header: X-AV-Checked: AV Checked

Save the file and open up /etc/postfix/main.cf
Make sure that the following line is in there (again, you might change the port to resemble the port below).

virtual_transport=lmtp:[127.0.0.1]:10025

Then scroll down the file and add these lines to it:

# Added for ClamAV
content_filter = scan:127.0.0.1:20026
receive_override_options = no_address_mappings

Close main.cf and open up yet another file: /etc/postfix/master.cf
At the end of this file, paste:

# AV scan filter (used by content_filter)
scan unix - - n - 16 smtp
  -o smtp_send_xforward_command=yes

# For injecting mail back into postfix from the filter
127.0.0.1:20025 inet n - n - 16 smtpd
  -o content_filter=
  -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
  -o smtpd_helo_restrictions=
  -o smtpd_client_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks_style=host
  -o smtpd_authorized_xforward_hosts=127.0.0.0/8

Now restart your daemons:

/etc/init.d/postfix restart
/etc/init.d/clamsmtpd restart
/etc/init.d/clamav-daemon restart

(If you get errors that IPs do not bind the correct way, restart your box.)

Now to update your virus definitions type:

freshclam

You might want to add this to your crontab by running crontab -e

57 20 * * * /usr/bin/freshclam --quiet

This will update your virus definitions every day automatically.

Now everything should be working fine. You can test it by sending yourself an email and checking the headers. For instance in roundcube, go to your inbox, click on an email, click on the settings button on the icon bar and select “view source”. You should see the following header in there somewhere:

X-AV-Checked: AV Checked

If so… it works.

Hope this helps!

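Added example (not part of the original post): the setup above only works when the ports in clamsmtpd.conf, main.cf and master.cf agree, so this shell function cross-checks them and also confirms that the re-injection listener clears content_filter. The function names and the constructed sample files are assumptions for illustration; on a real box, pass /etc/clamsmtpd.conf, /etc/postfix/main.cf and /etc/postfix/master.cf instead.

```shell
#!/bin/sh
# Added example: cross-check the ports that tie clamsmtpd and Postfix together.
conf_value() {  # conf_value KEY_REGEX FILE -> last value set for that key
    sed -n "s/^$1[[:space:]]*//p" "$2" | sed 's/[[:space:]]*$//' | tail -n 1
}

check_av_wiring() {  # check_av_wiring CLAMSMTPD_CONF MAIN_CF MASTER_CF
    listen=$(conf_value 'Listen:' "$1")
    out=$(conf_value 'OutAddress:' "$1")
    filter=$(conf_value 'content_filter[[:space:]]*=' "$2")
    if [ -z "$listen" ] || [ -z "$out" ] || [ -z "$filter" ]; then
        echo "FAIL: Listen, OutAddress or content_filter is not set"; return 1
    fi
    transport=${filter%%:*}; in_port=${listen##*:}; out_port=${out##*:}; rc=0

    # 1. Postfix must hand mail to the port clamsmtpd listens on.
    [ "${filter##*:}" = "$in_port" ] ||
        { echo "FAIL: content_filter port is not Listen port $in_port"; rc=1; }
    # 2. The transport named in content_filter must exist in master.cf.
    grep -Eq "^$transport[[:space:]]+unix[[:space:]]" "$3" ||
        { echo "FAIL: no '$transport unix' service in master.cf"; rc=1; }
    # 3. Postfix needs an inet listener on the OutAddress port.
    grep -Eq "^([^[:space:]#]*:)?$out_port[[:space:]]+inet[[:space:]]" "$3" ||
        { echo "FAIL: no inet listener on port $out_port in master.cf"; rc=1; }
    # 4. That listener must clear content_filter, otherwise scanned mail is
    #    handed to the scanner again and loops.
    awk -v p="$out_port" '
        /^[^ \t#]/ { svc = ($1 ~ ("(^|:)" p "$") && $2 == "inet") }
        svc && /^[ \t]+-o[ \t]+content_filter=[ \t]*$/ { ok = 1 }
        END { exit !ok }' "$3" ||
        { echo "FAIL: port $out_port listener lacks '-o content_filter='"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: clamsmtpd and Postfix ports line up"
    return "$rc"
}

make_sample() {  # constructed sample configs in DIR, using the post's ports
    printf 'OutAddress: 20025\nListen: 127.0.0.1:20026\n' > "$1/clamsmtpd.conf"
    printf 'content_filter = scan:127.0.0.1:20026\n' > "$1/main.cf"
    printf '%s\n' 'scan unix - - n - 16 smtp' \
        '  -o smtp_send_xforward_command=yes' \
        '127.0.0.1:20025 inet n - n - 16 smtpd' \
        '  -o content_filter=' > "$1/master.cf"
}

d=$(mktemp -d) && make_sample "$d"
check_av_wiring "$d/clamsmtpd.conf" "$d/main.cf" "$d/master.cf"
rm -rf "$d"
```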